The rise of WebKit browsers, and the fear of IE6-style stagnation

Now that Opera has announced they'll be switching from their Presto HTML rendering engine to WebKit, the open source engine rendering engine Apple forked from KHTML, there's been some concern that having such a dominant technology could one again lead to the type of browser stagnation we suffered under Microsoft and Internet Explorer 6 (IE6). Indeed, Safari on iOS and OS X, Google's Chrome, Palm's webOS, BlackBerry's Torch, and others have all based themselves on WebKit. Writing on Hypercritical, however, John Siracusa thinks the parallel doesn't hold:

I haven’t forgotten the past. A single, crappy web browser coming to dominate the market would be just as terrible today as it was in the dark days of IE6. But WebKit is not a browser. Like Linux, it’s an enabling technology. Like Linux, it’s free, open-source, and therefore beyond the control of any single entity.

I think Siracusa's exactly right. IE was a proprietary app with an ActiveX lock-in. WebKit has become infrastructure surfaced in many apps. Too many, too smart companies all have stake in WebKit and driving it forward. It's open source, but can be strongly opinionated by platform.

It's the best of both browser worlds.

And if you hate it, you still have Microsoft's Trident and Mozilla's Gecko to keep you company, or as long as they can keep up.

WebKit is not a browser, but the danger still exists, just up one level. WebKit itself may remain neutral, but if Google or Apple were to create some extensions on top of WebKit that are a) proprietary, b) popular enough to become defacto standards, and c) difficult or impossible for others to duplicate, we would have the same problem. It is unlikely, not because of any inherent virtues in the WebKit project, but because the two major WebKit players have shown admirable generosity in terms of contributing good stuff back to the core project, and that neither has the marketshare or the infrastructure MS had back in the day to create any sort of strict browser lock in.

For the record this was my initial thought, then I realized that most modern browsers have an auto update feature, therefore any security holes/breaches are usually closed very promptly before it becomes a mass issue =)